<?php session_start();
include "constants.php";

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); 

if (!$link) { 
    die('Could not connect: ' . mysql_error()); 
} 
mysql_select_db(DB_NAME);

if ((isset($_POST['add_profiles'])) && (strlen(trim($_POST['add_profiles'])) > 0)) {
	$add_profiles = stripslashes(strip_tags($_POST['add_profiles']));
} else {$add_profiles = '';}

if ((isset($_POST['newcomments'])) && (strlen(trim($_POST['newcomments'])) > 0)) {
	$newcomments = stripslashes(strip_tags($_POST['newcomments']));
} else {$newcomments = 'NO COMMENT';}


if ((isset($_POST['add_status'])) && (strlen(trim($_POST['add_status'])) > 0)) {
	$add_status = stripslashes(strip_tags($_POST['add_status']));
} else {$add_status = '0';}


if($add_status!=3){
echo $add_status;
echo "Sorry, You are in the wrong page";
exit();
}

$COMMPROFILES = "UPDATE Profiles SET COMMENTS='$newcomments' WHERE ProfileID = '$add_profiles'";
$COMMRESULT = mysql_query($COMMPROFILES,$link);



?>
<head>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Cash2u.ca: Payday loan Application process</title>
<META NAME="Description" CONTENT=Cash2u.ca offers online payday loans and cash advance for Canadians">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript">
	window.open('', '_self', ''); window.setTimeout("window.close()", 3000);
</script>
</head>
<body>
<form>
<p>udpating comments........</p>
</form>
</body>
</html>